Cloud Security

A service defect in Chongqing Mobile may be caused by Intranet There are traces of intrusion. Security means that you do not know that what you are using has been hacked. Security means security.I will not go deep into it. After all, I am using my

Java deserialization vulnerabilities (CVE-2015-6420) for Cisco products)Java deserialization vulnerabilities (CVE-2015-6420) for Cisco products) Release date:Updated on:Affected Systems: Cisco Unified Computing Cisco Voice and Unified Communications

OWASP Mobile Security Test guide: Certificate lock bypass Certificate Pinning is an additional security layer that ensures the uniqueness of certificates provided by remote servers for applications.The remote server x509 Certificate or public key

Introduction to the browser fuzz framework This article briefly introduces the principles and advantages and disadvantages of the three popular browser dynamic Fuzz tools cross_fuzz, grinder, and X-Fuzzer, it also provides a browser fuzz method that

OWASP's top 10 Web security problems are totally out of control in the JEE System Although Java ee has some excellent built-in security mechanisms, it cannot fully cope with various threats facing applications, especially many of the most common

Java deserialization vulnerability execution command echo implementation and Exploit download Some of the technologies and tools mentioned in this article may be offensive and only for safe learning and teaching purposes. Illegal use is prohibited! 0

Baidu Mail System employee account general password involves employee and internal information It seems that this is the general mailbox password of Baidu branch in Shanghai.Detailed description: Someone cracked your email address and received an

The same security vulnerability exists in AVG, McAfee, and Kaspersky software. Antivirus software of AVG, McAfee, and Kaspersky has the same security vulnerability. Anti-Virus Software creates a memory space with read/write execution permissions

Android Audio component information leakage Vulnerability (CVE-2015-6627)Android Audio component information leakage Vulnerability (CVE-2015-6627) Release date:Updated on:Affected Systems: Android Android 6.0 Description: CVE (CAN) ID: CVE-201

Android mediaserver Memory Corruption Vulnerability (CVE-2015-8506)Android mediaserver Memory Corruption Vulnerability (CVE-2015-8506) Release date:Updated on:Affected Systems: Android Android 6.0 Description: CVE (CAN) ID:

Android mediaserver Memory Corruption Vulnerability (CVE-2015-8505)Android mediaserver Memory Corruption Vulnerability (CVE-2015-8505) Release date:Updated on:Affected Systems: Android Description: CVE (CAN) ID: CVE-2015-8505Android is a

TCP handshake Spoofing This is a new attack method for our existing knowledge. Generally, the two ends of the TCP handshake are authenticated to each other's IP addresses. This attack tells us that this is not always true. In the cooperative

Modbus TCP traffic analysis Modbus protocol Modbus is the world's first bus protocol for industrial field use. ModBus uses Master/Slave (Master/Slave) communication. A maximum of 247 slave controllers are supported, but the number of actually

Bilibili Intranet roaming: redis obtains the root permission I pretended to listen to a port on VPS, and then suddenly rebounded to a shell. Well, I pretend I don't know which month a crontab backdoor brought me into Bilibili's intranet again.There

Reverse Engineering (I): Basics of assembly and Reverse Engineering   This series of articles will explain the various knowledge of reverse engineering, which is easy to understand. Assembly is the basis of reverse engineering. This article is not

Weak background passwords of a game in (various pictures and classification information are included) Podoano ** \ cangjing * \ yanze ** \ jizawa ** \ xiaoze ** and other beautiful pictures, sent 5wb to the communityDetailed description:

A vulnerability in ruiqibao allows you to log on to an account at will. Ruiqibao Internet Financial Management Investment and Financing platform is a P2C Internet Financial investment platform established by Beijing ruiqibao Information Service Co.,

Siteserver cms uses webshell in the backgroundTarget Site: http://www.xxxxx.gov.cn Default background address: http://www.xxxx.gov.cn/siteserver/login.aspx login into the background to see: see the upper left corner, I suddenly went to Baidu ha this

Attackers can execute arbitrary SQL statements by bypassing the latest website security dog (IIS) protection rules. Attackers can execute arbitrary SQL statements by bypassing protection rules...Detailed description: There are still many websites

The latest Discuz fix is incomplete, so you can still store XSS for the Administrator The new version fixes the insertion points provided in the http://wooyun.org/bugs/wooyun-2010-099979 However, due to the programmer's negligence, the repaired